How do your applications use LDAP? Do you have an authentication mechanism for the application?
If you use the authentication mechanism of your Java EE Application Server (WAS), you do not need to have SSO enabled on your WAS so that your users can subscribe to both applications at the same time.
In your WAR / EAR descriptors, define Java EE roles and authentication methods, restrict access to your applications for members to these roles, configure WAS to authenticate against your LDAP, and associate the roles defined in your applications for LDAP users / groups during deployment (for example, all users who authenticate with LDAP or a specific group).
Changes to WAR / EAR descriptors and deployment parameters can be specified in RAD 7 using WAR / EAR editors; LDAP configuration must be done using the WAS administration console.
EDIT:
OK, for a long time, no (such a configuration in WAS). I had to try it myself, and it seems that SSO needs to be enabled.
Here's my setup: I had two simple applications: one with forms-based authorization, the other with HTTP authentication, each defining a security role and security restriction for its web resources. Both roles were associated in the EAR application.xml editor with "All Authenticated Users" (information about the deployment of the WAS type is stored in ibm-application-bnd.xmi). When SSO disconnected, I noticed the same behavior as you.
However, after turning on SSO, it started to work well ...
How I turned on SSO: there are several options, since I enable single sign-on support for LTPA with basic settings (WAS 6): Go to the admin console → Security → Global Security → select LTPA as the authentication mechanism → Apply, then Security → Global Security → Mechanisms authentication → LTPA → Enable single character → Enabled →, then Save all and restart).
Further settings ... you probably need to restore the LTPA keys for prod deployment. For other WAS servers to join SSO, synchronize the LTPA keys.
Sorry for the confusion in my original answer.